PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
September 2003

Certification requirements could change role of CSOs/CISOs

A Los Angeles consulting firm is betting that the growing emphasis on infosecurity as part of overall business risk management will fuel interest in its plan for a new CSO/CISO certification program. However, infosecurity analysts and existing certification organizations say the certification would be redundant and are skeptical about its prospects. Bill Gillespie, president of Risk Analysis Group, likens the certification to "a Ph.D. in security," with an emphasis on business continuity, including heavy stress on compliance with the Sarbanes-Oxley Act. In the wake of corporate disasters like Enron and WorldCom, Gillespie says CEOs are looking for the right mix of skills to manage corporate risk and compliance. So, he sees the new CSO requiring skills in risk assessment and business continuity planning, and to be the go-to person for Sarbanes-Oxley compliance. Risk Analysis Group has no date for launching the certification program. The program faces many challenges. For starters, there's a credibility issue. "I would never ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue